2017-10-06 98 views
0

我正在開發我的拼貼項目,其中管理員可以創建員工(教師),教師現在可以創建學生我的問題是,在索引和視圖文件中,任何員工都可以看到總數最近添加的學生列表。YII2根據用戶ID在視圖文件中顯示數據

我想在查看/索引文件中添加條件,以便特定教師可以查看由他或她創建的學生列表。

我有 俞拉吉Verma的用戶表和Employee表(創建者&通過更新)

問候,之間的鏈路

<section class="content doc-user-profile"> 
    <div class="col-md-12 text-center"> 
    </div> 
    </div> 
    <table class="table table-striped"> 
     <tr> 
      <th><?= $info->getAttributeLabel('stu_unique_id') ?></th> 
      <td><?= Html::encode($info->stu_unique_id) ?></td> 
     </tr> 
     <tr> 
      <th><?php echo Yii::t('stu', 'Name'); ?></th> 
      <td><?= Html::encode($this->title) ?></td> 
     </tr> 

     <tr> 
      <th><?= $info->getAttributeLabel('stu_email_id') ?></th> 
      <td><?= Html::encode($info->stu_email_id) ?></td> 
     </tr> 
     <tr> 
      <th><?= $info->getAttributeLabel('stu_mobile_no') ?></th> 
      <td><?= $info->stu_mobile_no ?></td> 
     </tr> 
     <tr> 
      <th><?php echo Yii::t('stu', 'Status'); ?></th> 
      <td> 
       <?php if($model->is_status==0) : ?> 
       <span class="label label-success"><?php echo Yii::t('stu', 'Active'); ?></span> 
       <?php else : ?> 
       <span class="label label-danger"><?php echo Yii::t('stu', 'InActive'); ?></span> 
       <?php endif; ?> 
      </td> 
     </tr> 
    </table> 
</div> 

<div class="col-lg-9 profile-data"> 
    <ul class="nav nav-tabs responsive" id = "profileTab"> 
     <li class="active" id = "personal-tab"><a href="#personal" data-toggle="tab"><i class="fa fa-street-view"></i> <?php echo Yii::t('stu', 'Personal'); ?></a></li> 
    </ul> 
    <div id='content' class="tab-content responsive"> 
     <div class="tab-pane active" id="personal"> 
      <?= $this->render('_tab_stu_personal', ['info' => $info, 'model' => $model]) ?> 
     </div> 
    </div> 
</div> 
</div> <!---End Row Div---> 

學生創建控制器被如下:

public function actionCreate() 
{ 
    $model = new StuMaster(); 
    $info = new StuInfo(); 
    $user =new User(); 
    $auth_assign = new AuthAssignment(); 

    if (Yii::$app->request->isAjax) { 
     if($info->load(Yii::$app->request->post())) { 
      \Yii::$app->response->format = \yii\web\Response::FORMAT_JSON; 
      return ActiveForm::validate($info); 
     } 
     if($model->load(Yii::$app->request->post())) { 
      \Yii::$app->response->format = \yii\web\Response::FORMAT_JSON; 
      return ActiveForm::validate($model); 
     } 
    } 

    $stud_uniq_no = \app\modules\student\models\StuInfo::find()->max('stu_unique_id'); 
    $uniq_id = NULL; 
    if(empty($stud_uniq_no)) { 
     $uniq_id = $info->stu_unique_id = 1; 
    } 
    else { 
     $chk_id = StuInfo::find()->where(['stu_unique_id' => $stud_uniq_no])->exists(); 
     if($chk_id) 
      $uniq_id = $stud_uniq_no + 1; 
     else 
      $uniq_id = $stud_uniq_no; 
    } 

    if ($model->load(Yii::$app->request->post()) && $info->load(Yii::$app->request->post())) 

    { 

     if (Yii::$app->request->isAjax) { 
        \Yii::$app->response->format = \yii\web\Response::FORMAT_JSON; 
        return ActiveForm::validate($info); 
     } 
     if (Yii::$app->request->isAjax) { 
        \Yii::$app->response->format = \yii\web\Response::FORMAT_JSON; 
        return ActiveForm::validate($model); 
     } 

     $model->attributes = $_POST['StuMaster']; 
     $info->attributes = $_POST['StuInfo']; 

     $info->stu_dob = Yii::$app->dateformatter->getDateFormat($_POST['StuInfo']['stu_dob']); 
     if(empty($_POST['StuInfo']['stu_email_id'])) 
     $info->stu_email_id = NULL; 
     else 
     $info->stu_email_id = strtolower($_POST['StuInfo']['stu_email_id']); 

     $login_id = \app\models\Organization::find()->one()->org_stu_prefix.$uniq_id; 
     $user->user_login_id = $login_id; 
     $user->user_password = md5($user->user_login_id.$user->user_login_id); 
     $user->user_type = "S"; 
     $user->created_by = Yii::$app->getid->getId(); 
     $user->created_at = new \yii\db\Expression('NOW()'); 

     if($info->save(false)) 
     { 
     $user->save(false); 
     } 


     $model->stu_master_stu_info_id = $info->stu_info_id; 
     $model->stu_master_user_id = $user->user_id; 
     $model->created_by = Yii::$app->getid->getId(); 
     $model->created_at = new \yii\db\Expression('NOW()'); 
     $model->save(false); 

     $s_info = StuInfo::findOne($model->stu_master_stu_info_id); 
     $s_info->stu_info_stu_master_id = $model->stu_master_id; 
     $s_info->save(false); 

     $auth_assign->item_name = 'Student'; 
     $auth_assign->user_id = $user->user_id; 
     $auth_assign->created_at = date_format(date_create(),'U'); 
     $auth_assign->save(false); 

     if ($model->save()) { 
     return $this->redirect(['view', 'id'=>$model->stu_master_id]); 
     } 
     else 
     return $this->render('create', ['model' => $model, 'info' => $info, 'uniq_id'=>$uniq_id]); 
    } else { 
     return $this->render('create', [ 
     'model' => $model, 'info' => $info, 'uniq_id'=>$uniq_id 
     ]); 
    } 
} 

回答

0

在你的「modelSearch」的搜索功能添加CREATED_BY過濾器:

public function search($params) 
{ 
    $query = StuInfo::find(); 
    ... 
    $query->andFilterWhere(['created_by' => Yii::$app->user->identity->id]); 
    .... 
} 

對於您的觀點(的actionView)如果該記錄是由登錄用戶創建渲染之前,你可以檢查。

這將變得複雜與時間,所以我建議使用授權 - Yii2 Access Control and Authorization

0

你創建操作就可以了。 你必須把索引/視圖控制器的行動限制 您的索引行爲應該是這樣的

public function actionIndex() 
    { 

     $searchModel = new StudentSearch(); 
     $query = Student::find()->where(['teacher_id'=>$logged_teacher_id_from_session]); 

     $dataProvider = new ActiveDataProvider([ 
      'query' => $query, 
      'pagination' => [ 
       'pageSize' => 20, 
      ], 
      'sort' => [ 
       'defaultOrder' => [ 
        'student_id' => SORT_ASC, 
       ] 
      ], 
     ]); 

     return $this->render('index', [ 

      'searchModel' => $searchModel, 
      'dataProvider' => $dataProvider, 
     ]); 
    } 

在這種情況下,老師是誰登錄只能看到他/學生

相關問題